Firebase CronJobs - how to allow http triggers from one cronjob site
Since Firebase (Real-time DB) does not support cron-jobs I am using cron-job.org to schedule http triggers. This function should fire once at the end of every day, so at around 11:55pm. The thing is I would like only cron-job.org to be able to trigger the http endpoint and no one else (e.g. someone malicious trying to trigger it many times a day). How can I achieve this in my cloud function?
I have setup the cronjob and this is all the code I have right now:
exports.findAndDeleteSevenDayJobs = functions.https.onRequest((req, res) => {
console.log('req',req);
});
Also, cron-job.org offers this:
And I have no idea how to use it.
To create cron-jobs in firebase RDB use a third party service like cron-job.org
1) CREATING THE KEY
To make everything secure you have to generate a secure key, from now on called YourSelfGeneratedButSecureKey.
You can generate one in your terminal by typing: node -e "console.log(require('crypto').randomBytes(20).toString('hex'))"
2) CREATING CRON JOB
Create a new cron-job that will hit your cloud function end-point and attach the created key as a url-query like so:
https://{projectSpecific}.cloudfunctions.net/{nameOfFunction}?key={YourSelfGeneratedButSecureKey}
Setup the key into your env by using the following command in your terminal:
firebase functions:config:set cron.key="{YourSelfGeneratedButSecureKey}"
3) CLOUD FUNCTION
To make sure everything is maximum security you can install secure-compare by typing npm install --save secure-compare;
Then in your cloud function:
const secureCompare = require('secure-compare');
exports.{nameOfFunction} = functions.https.onRequest((req, res) => {
const { key } = req.query;
if (!secureCompare(key, functions.config().cron.key)) {
console.log('Key in request and in env do NOT match');
res.status(403).send('Security key does not match.');
return null;
}
// DO REPETITIVE STUFF SECURELY
});
- How to detect whether google auth login user is a NewUser or not using firebase in react native
- How to proxy a Firebase Hosting API url to another backend api endpoint using rewrites
- Is there a way to connect cloud firestore to realtime database using Cloud functions?
- The Bundle ID in the certificate does not match the Bundle ID you entered
- CLIENT_ID, REVERSED_CLIENT_ID and ANDROID_CLIENT_ID missing from GoogleService-Info.plist with Firebase on IOS
- Xcode "Missing package product 'GoogleUtilities_UserDefaults'" after updating to latest package version using SPM
- Is there a limit or cost for Snapshot Listeners?
- Flutter: include of non-modular header inside framework module 'firebase_core.FLTFirebasePlugin'
- How can I send a Firebase Cloud Messaging notification without use the Firebase Console?
- Firebase Firestore REST Request - Query and Filter
- How to count number of messages in firebasefirestore collection in flutter
- Firebase delay in fetching user
- Firebase "getIdToken(true)" in Java Backend
- Firebase Undefined symbols for architecture x86_64
- FirebaseAuth - Get tokenId in Java backend
- Firebase functions imports in firebase functions 6.0.1
- About FIREBASE => Angular , how to read data in FIREBASE when we use Push method to write data
- Messages are not ordering correctly in Firebase
- How to properly create URL Masking for Cloud Functions to create a NEG?
- how to end ng serve or firebase serve
- Firebase App Check Throws 401 Error on iOS Devices
- web - readAsBytes throws Unsupported operation: _Namespace
- Firestore set doc with merge option true or update doc
- How to delete a key:value pair from Firebase map?
- Firebase Functions "cannot determine backend specification"
- Cant access Firebase Admin SDK via Node.js on my VPS, but I can on my local machine
- Firestore get value of Field.increment after update without reading the document data
- Firebase - lacks IAM permission "cloudscheduler.jobs.update"
- Sign In with LinkedIn using OpenID Connect with Firebase Auth or GCP Identity Platform
- facebookAuthCredential.idToken is null in Flutter